Secure encryption of data packets for transmission over unsecured networks

ABSTRACT

Pure random numbers from a sheet within a one-time pad are employed to encrypt the bytes of a source data packet and to order the encrypted bytes in a random order within the encrypted data packet. Pure random numbers fill remaining positions within the encrypted data packet. The resulting encrypted data packet is unconditionally secure (i.e., unbreakable). Sheets within the one-time pad are utilized only once, and the one-time pad is replaced when exhausted. For electronic checking applications, the one-time pad is distributed to the user stored in an electronic checkbook, with a copy retained by the bank. For cellular telephone applications, the one-time pad is stored in a replaceable memory chip within the mobile unit with a copy retained at a single, secured central computer. For client-server applications or applications involving sales over the Internet, the one-time pad may be provided to the user on a floppy disk or CD-ROM, with a copy retained by the vendor.

BACKGROUND OF THE INVENTION

[0001] 1. Technical Field

[0002] The present invention relates in general to data encryption and in particular to securing data transfers over unsecured channels of communications. Still more particularly, the present invention relates to practical implementation of unbreakable data encryption through one-time use of pure random numbers.

[0003] 2. Description of the Related Art

[0004] Sensitive data transfers are increasingly occurring over networks which are unsecured, such as the Internet or cellular telephone networks. By their nature, the medium by which data transfers are made in such networks must be openly accessible and/or shared, leaving transactions susceptible to interception. The only available alternative for securing data transfers over such networks thus becomes data encryption.

[0005] A variety of data encryption schemes have been developed and are implemented for data transfers over networks of the type described. For example, many data encoding schemes employ a reversible encryption algorithm modeled after the Data Encryption Standard (DES). Other data encoding schemes, used alone or in conjunction with DES, employ a combination of public and private keys to encrypt data, such as the Rivest-Shamir-Adleman (RSA) encryption system used in many commercial software packages. These encoding schemes utilize pseudo-random numbers, or number sequences having a high degree of randomness.

[0006] The only encryption system currently recognized as being unconditionally secure is the “one-time pad,” also known as a Vernam cipher, developed by Gilbert S. Vernam while working for AT&T in 1917. When properly implemented, the one-time pad encryption mechanism is generally recognized by cryptographic experts to be the only known unbreakable encoding scheme. Other encryption systems are considered cryptographically secure, meaning that the costs associated with breaking the code by pure mathematical methods and extensive computation are very high, although the code can theoretically be broken if enough computing power could be brought to bear. One-time pads are unconditionally secure, meaning that any amount of analysis and computing power is insufficient because there is no pattern in the data.

[0007] The two key characteristics of the one-time pad concept which must be adhered to for encryption with a one-time pad to be unconditionally secure are pure randomness and one-time use. Pure randomness is thought to occur in the timing of radioactive decay and in the arrival of cosmic background radiation. The present invention employs one or both of the above sources passed through a cryptographically strong one-way function as the source of random values. Furthermore, the present invention requires that the random sequences thus generated are never intentionally used in more than one embodiment.

[0008] Although recognized as being mathematically unbreakable, the one time pad is conventionally considered not to be commercially practical. The reason is principally convenience, since the security of the system requires that the contents of the one-time pad be known only to the proper encrypting and decrypting entities. This requires secure distribution of the one-time pads. Furthermore, the one-time pad, when properly employed, requires large amounts of pure random data for the encryption/decryption values which, by definition, may be used only once. Additionally, since the one-time pad contains only a finite number of random numbers for encryption, replacement of the one-time pad is inevitably required. Finally, the one-time pad encryption method is less ideally suited for encryption of long, variable length messages than alternative, less secure encryption schemes. For these reasons, one-time pads have not been employed up to this time in actual encryption systems for commercial applications, such as banking, cellular telephony, etc.

[0009] There do exist classes of problems, however, for which the one-time pad could provide unconditionally secure encryption on a commercial basis. It would be desirable, therefore, to provide a method and apparatus for employing one-time pads in commercial applications requiring encryption of data for transfer over unsecured networks. It would further be advantageous to provide an implementation of one-time pads which could be readily adapted to a variety of commercial data encryption requirements.

SUMMARY OF THE INVENTION

[0010] It is therefore one object of the present invention to provide an improved method and apparatus for data encryption.

[0011] It is another object of the present invention to provide an improved method and apparatus for securing data transfers over unsecured channels of communications.

[0012] It is yet another object of the present invention to provide practical implementation of unbreakable data encryption through one-time use of pure random numbers.

[0013] The foregoing objects are achieved as is now described. Pure random numbers from a sheet within a one-time pad are employed to encrypt the bytes of a source data packet and to order the encrypted bytes in a random order within the encrypted data packet. Pure random numbers fill remaining positions within the encrypted data packet. The resulting encrypted data packet is unconditionally secure (i.e., unbreakable). Sheets within the one-time pad are utilized only once, and the one-time pad is replaced when exhausted. For electronic checking applications, the one-time pad is distributed to the user stored in an electronic checkbook, with a copy retained by the bank. For cellular telephone applications, the one-time pad is stored in a replaceable memory chip within the mobile unit with a copy retained at a single, secured central computer. For client-server applications or applications involving sales over the Internet, the one-time pad may be provided to the user on a floppy disk or CD-ROM, with a copy retained by the vendor.

[0014] The above as well as additional objects, features, and advantages of the present invention will become apparent in the following detailed written description.

BRIEF DESCRIPTION OF THE DRAWINGS

[0015] The novel features believed characteristic of the invention are set forth in the appended claims. The invention itself however, as well as a preferred mode of use, further objects and advantages thereof, will best be understood by reference to the following detailed description of an illustrative embodiment when read in conjunction with the accompanying drawings, wherein:

[0016] FIG. 1 depicts a block diagram of a one-time pad in accordance with a preferred embodiment of the present invention;

[0017] FIG. 2 is a diagram of the contents of a sheet within a one-time pad in accordance with a preferred embodiment of the present invention;

[0018] FIG. 3 depicts an example of data encryption utilizing a one-time pad in accordance with a preferred embodiment of the present invention;

[0019] FIG. 4 is a high level flowchart for a process of encrypting data in accordance with a preferred embodiment of the present invention;

[0020] FIG. 5 depicts a high level flowchart for a process of decoding data in accordance with a preferred embodiment of the present invention;

[0021] FIG. 6 is a diagram of an electronic checking environment in which secure encryption in accordance with a preferred embodiment of the present invention may be implemented;

[0022] FIG. 7 depicts a data flow diagram for a process of utilizing electronic checks in accordance with a preferred embodiment of the present invention;

[0023] FIG. 8 is a block diagram of a cellular communications global transponder in which a preferred embodiment of the present invention may be implemented; and

[0024] FIG. 9 depicts an Internet sales environment in which a preferred embodiment of the present invention may be implemented.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT

[0025] With reference now to the figures, and in particular with reference to FIG. 1, a block diagram of a one-time pad in accordance with a preferred embodiment of the present invention is depicted. One-time pad 102 is maintained in a memory, such as a read only memory (ROM) or a hard disk drive, and includes a plurality of sheets 104. Each sheet 104 contains a plurality of pure random numbers sufficient for encryption of a known, fixed length (N) data packet. Each sheet 104 is not intentionally used in the implementation of any other one-time pads such as one-time pad 102.

[0026] Referring to FIG. 2, a diagram of the contents of a sheet within a one-time pad in accordance with a preferred embodiment of the present invention is illustrated. Each sheet 104 contains a string 202 of N pure randomly-ordered numbers in the range of 1 to N. Each sheet 104 also contains a plurality of corresponding arrays 204. Number string 202 is a non-repeating sequence of numbers within the predetermined range N corresponding to the number of characters or positions in the encrypted data packet. For example, if the encrypted data packet will have five hundred positions, the numerals 1 through 500 will be randomly ordered and placed in string 202. Individual numbers within string 202 are employed to identify the position for a corresponding byte of data in the encrypted data packet. For example, the first number 206 within string 202 designates the position within the encrypted data packet in which the first byte of source data will be placed after encryption.

[0027] Each individual number within string 202 has an associated array within array set 204. Each array 208 contains a non-repeating sequence of random numbers comprising a character map to be employed for the character in the respective position. For the sake of simplicity and clarity of explanation, the exemplary embodiment depicts only the mapping for numeric characters 0-9 and a delimiter (“*”). However, the mapping may easily be extended to include alphabetic or text characters merely by increasing the size of arrays 204. The arrays 204 essentially comprise encryption instructions for data packets not exceeding the length of position string 202.

[0028] The characters or values within a character map array 208 for a given position are randomly generated subject only to the constraint that the same value may not appear twice in a given array. However, the same value may appear many times within different arrays in array set 204. In fact, 128 different characters can be encoded in each byte comprising map array 208. While the exemplary embodiment depicts only numerals less than 100 in arrays 204, any set of 128 unique characters may be employed to form the character maps, including alphanumeric characters and special characters (colons, hyphens, dashes, quotation marks, punctuation, etc.).

[0029] The fact that only 128 different characters can be represented within any one byte of array 208 creates a limitation on the encryption of double byte based text that occurs in Asian languages. However, the present invention is likely to find its widest commercial use in short, fixed length, numeric related applications such as electronic checking, position reporting, and client-server authentication and verification. Since the present invention is not intended for widespread use in text encryption, the exemplary embodiment illustrates a single byte approach. However, those skilled in the art will quickly understand that the present invention can be extended to include double byte encoding.

[0030] As described, the character map values within each array 208 in array set 204 are random numbers, and the sequence of numbers in string 202 is randomly ordered. Two sources of “randomness” are thought to exist: the time period associated with electronic emission/decay for a single radioactive particle and the level of background radiation originating from space. Methods for generating pure random numbers are well-known in the art, and include measuring the random time intervals associated with radioactive decay or cosmic background radiation and passing these measurements through a one-way hash function. These methods may be employed in known manners for generating values for the character maps in arrays 204, for randomly ordering numbers within string 202, and for filling the unused bytes of the encrypted data packet.

[0031] Referring again to FIG. 1, the requirement that true random numbers be employed in sheets 104 within one-time pad 102 cannot be circumvented for convenience. Pseudo-random numbers, which are usually generated from a seed value using a hash function, are not acceptable substitutes since an estimate of the seed value may be employed to derive the hash function required to duplicate the resulting pattern. With a fairly accurate estimate of the seed value, the number of mathematical operations required to crack the encryption mechanism becomes workable. The vulnerability of pseudo-random numbers, even those believed to be cryptographically secure, has been demonstrated where the time and process id have been used in the key of popular software security features.

[0032] One-time pad 102 may also include counter 106 identifying the next sheet 104 which may be utilized for encryption or decryption. Both the encrypting and decrypting entities are provided with identical copies of one-time pad 102 through a secure medium such as hand-delivery. As sheets 104 within one-time pad 102 are utilized, counter 106 is advanced to point to the next available sheet. When counter 106 contains a value exceeding the number of sheets 104 within one-time pad 102, one-time pad 102 is depleted and must be replaced.

[0033] The requirement that a given sheet 104 within one-time pad 102 be used only once and never be reused is critical. Reuse of sheets 104 within one-time pad 102 compromises the security of the resulting encrypted data packet. It is intended that data packets encrypted by the method provided in the present invention could be accompanied by the plain text of the source packet, and still be invulnerable to cryptographic attack. Reuse of sheets 104 would prohibit this level of unconditionally secure encryption.

[0034] With reference now to FIG. 3, an example of data encryption utilizing a one-time pad in accordance with a preferred embodiment of the present invention is depicted. Source data packet 302 contains a string of characters comprising the message to be encrypted for transmission. Again, while the exemplary embodiment depicts only numeric characters and a delimiter, the process described may be readily applied to expanded character sets.

[0035] Furthermore, the order in which the pure random numbers are used from sheet 104 within a specific one-time pad 102 can be varied depending on a particular customer or implementation. The same encoding/decoding software is simply placed in the one-time pad device and the decoding computer. This allows for further security through the ability to physically secure the one-time pad and the encoding/decoding software separately. The ability to separate responsibilities is one key method used in the prevention of theft by inside employees. In the exemplary embodiment, one particular pattern is followed for illustrative purposes.

[0036] The encrypted data packet 304 contains positions for the encrypted bytes of source data packet 302, with five hundred positions depicted in the exemplary embodiment. The value of the first numeral in the position string of a sheet in the one-time pad is utilized to determine the position of the first encrypted byte. Utilizing the example depicted in FIG. 2, the first encrypted byte of source data packet is to be placed in position 3. The value of the first byte within source data packet is looked up in the associated character map for position 3, and the encrypted value “92” is entered in encrypted data packet 304 at position 3. Similarly, the value “67” is entered in position 14 and the value “38” is entered in the ninth position of encrypted data packet 304 to encode the second and third bytes of source data packet 302, respectively. This encryption process continues until all bytes of source data packet 302 have been encrypted.

[0037] When all bytes of source data packet 302 have been processed and an encryption value placed in the appropriate position of encrypted data packet 304, the remaining positions are filled. The remaining positions may be filled with pure random numbers from the sheet of the one-time pad being employed. The positions within the encrypted data packet 304 which do not contain values from the source data packet 302 are used for authentication, verification, and disinformation.

[0038] When expanded to include the full character set, the secure encryption mechanism of the present invention possesses the ability to randomly encode each byte of a source data packet in at least 128 different ways. Furthermore, any character of data may be placed in any of the positions within the encrypted data packet. Thus, each character of data may be encrypted in hundreds of thousands of different ways, depending on the length of the encrypted data packet, with each character entirely independent of any other character. There exists no pattern in either the encoding of a character or its position within an encrypted data packet, nor is there any pattern between distinct encrypted data packets. The encoding and position mappings are known only to entities possessing a copy of the one-time pad and knowing which sheet was employed for encryption. No human intervention is required for either the random number generation, encoding, or decoding processes. Once a sheet within the one-time pad has been used, that sheet is never intentionally used again, although theoretically the same sheet may be randomly generated again within another one-time pad.

[0039] The feature of randomly ordering encrypted bytes within the encrypted data packet is not found in conventional one-time pads, which are simple look-up tables for each character or word placed in order in the encrypted message. Thus, the present invention provides greater security than conventional one-time pads. Furthermore, the starting location for the position string and arrays may be varied from one-time pad to one-time pad. For example, one one-time pad may begin with the fifth numeral in the position string, while another begins with the fifty-third numeral.

[0040] It should be noted that the “arrays” described above are simple constructs used for convenience in describing the invention. Other methods of employing random numbers to encrypt the source data may be employed instead of or in addition to character maps, including XORing the bits of a random number with the bits of the character or word being encrypted.

[0041] Referring to FIG. 4, a high level flowchart for a process of encrypting data in accordance with a preferred embodiment of the present invention is illustrated. The process begins at step 402, which depicts initiation of the encryption process by a transmitting entity preparing to transmit a source data packet over an unsecured network. The process then passes to step 404, which illustrates reading a sheet from the one-time pad and, if the one-time pad is equipped with a counter, incrementing the counter.

[0042] The process next passes to step 406, which depicts reading a position indicator from the positions string, and then to step 408, which illustrates reading the next character to be encrypted from the source data packet. The process passes next to step 410, which depicts looking up the character to be encrypted in the character map associated with the position identified by the position indicator. The process then passes to step 412, which illustrates placing the encrypted character associated in the character map with the character read from the source data packet in the position designated by the position indicator read from the position string.

[0043] The process then passes to step 414, which depicts a determination of whether the entire source data packet has been encrypted. If not, the process returns to step 406 for encryption of additional characters from the source data packet as described above. If so, however, the process proceeds to step 414, which illustrates filling the remaining positions in the encrypted data packet. As described above, the remaining positions may be filled with information encrypted with pure random numbers for authentication, verification, or disinformation purposes.

[0044] Once the entire encrypted data packet is filled, the process passes to step 416, which depicts the process becoming idle until another data packet requires encryption. The data packet encrypted by the process described may be securely transmitted over unsecured networks without danger of being compromised.

[0045] With reference now to FIG. 5, a high level flowchart for a process of decoding data in accordance with a preferred embodiment of the present invention is illustrated. The process begins at step 502, which depicts initiation of the decryption process in response, for example, to receipt of an encrypted data packet. The process then passes to step 504, which illustrates reading the next available sheet from the one-time pad and, if the optional counter is present, incrementing the counter.

[0046] The process next passes to step 506, which depicts reading the first (or next) position in the position string within the one-time pad sheet, and then to step 508, which illustrates reading the encrypted character at the position within the encrypted data packet designated by the position indicator read. The process passes next to step 510, which depicts looking up the encrypted character in the character map associated with the designated position to determine the decoded character. The process then passes to step 512, which illustrates placing the decoded character in the next available position within the decoded data packet.

[0047] The process then passes to step 514, which depicts a determination of whether the encrypted data packet has been completely decoded. This determination may be made, for example, based on whether an expected number of characters have been decoded from the encrypted data packet, or on whether a stop character and expected fill characters have been encountered. If further decoding is required, the process returns to step 506 for decryption of additional characters within the encrypted data packet.

[0048] A determination of whether the decode was successful may simply involve checking the decoded data packet for a stop character, checking for a known number of characters to be decoded, or may involve looking for an expected authentication or verification character sequence (“watermark” or “signature”) within the decoded data packet. When the message has been decoded, the fill characters are checked for authentication and verification purposes.

[0049] If the decode was not successful, the process may optionally proceed to step 518, which illustrates adjusting the one-time pad employed in the decryption process in an attempt to resynchronize the one-time pads employed by the transmitting and receiving entities. This may be achieved, for example, by adjusting the counter value to compensate for the receiving entity being behind the transmitting entity, the most likely source of error in synchronization. If the counter was incremented in the last decryption attempt, the decrypting process may simply be attempted again.

[0050] To avoid the potential for synchronization errors in utilizing sheets within the one-time pad, an alternative procedure is to have the decryption process check the fill characters in adjacent sheets for authentication and verification purposes prior to decoding.

[0051] Referring again to step 516, if the data packet was successfully decoded, the process proceeds instead to step 520, which depicts the process becoming idle until decryption of a received data packet is once again required.
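The sheet layout of FIG. 2 and the encrypt and decode flows of FIGS. 4 and 5 can be followed in code. The Python below is an added example, not part of the patent text; the function and class names are hypothetical. It assumes that the operating system's CSPRNG stands in for the physical random source the text requires, that a trailing “*” acts as the stop character, and that each sheet stores its own fill values.

```python
import copy
import secrets

ALPHABET = "0123456789*"        # numerals plus the "*" delimiter, as in the exemplary embodiment
CODE_SPACE = 100                # map values are numerals below 100, as in the figures
STOP = "*"                      # ASSUMPTION: a trailing "*" marks the end of the message

# ASSUMPTION: the OS CSPRNG stands in for the physical random source the text requires.
_rng = secrets.SystemRandom()


def make_sheet(n):
    """Build one sheet: position string, one character map per position, fill values."""
    positions = list(range(1, n + 1))
    _rng.shuffle(positions)                      # string 202: 1..n in random order
    maps = {}
    for pos in positions:                        # arrays 204: no value repeats within a map
        codes = _rng.sample(range(CODE_SPACE), len(ALPHABET))
        maps[pos] = dict(zip(ALPHABET, codes))
    fill = {pos: _rng.randrange(CODE_SPACE) for pos in positions}
    return {"positions": positions, "maps": maps, "fill": fill}


class OneTimePad:
    """Sheets plus the counter that points at the next unused sheet."""

    def __init__(self, sheets):
        self.sheets = sheets
        self.counter = 0

    def next_sheet(self):
        if self.counter >= len(self.sheets):
            raise RuntimeError("one-time pad depleted; it must be replaced")
        sheet = self.sheets[self.counter]
        self.sheets[self.counter] = None         # a used sheet is dropped, never reused
        self.counter += 1
        return sheet


def make_pad_pair(n_sheets, n):
    """Identical copies for the encrypting and decrypting entities."""
    sheets = [make_sheet(n) for _ in range(n_sheets)]
    return OneTimePad(sheets), OneTimePad(copy.deepcopy(sheets))


def encrypt(pad, message):
    """FIG. 4: map each character, place it at its random position, fill the rest."""
    if any(ch not in ALPHABET or ch == STOP for ch in message):
        raise ValueError("message may contain only the numerals 0-9")
    sheet = pad.next_sheet()
    n = len(sheet["positions"])
    if len(message) + 1 > n:
        raise ValueError("message does not fit in one sheet")
    packet = dict(sheet["fill"])                 # every position starts as fill
    for pos, ch in zip(sheet["positions"], message + STOP):
        packet[pos] = sheet["maps"][pos][ch]
    return [packet[pos] for pos in range(1, n + 1)]


def decrypt(pad, packet):
    """FIG. 5: walk the position string, reverse each map, then verify the fill."""
    sheet = pad.next_sheet()
    if len(packet) != len(sheet["positions"]):
        raise ValueError("packet length does not match the sheet")
    decoded, used = [], set()
    for pos in sheet["positions"]:
        reverse = {code: ch for ch, code in sheet["maps"][pos].items()}
        ch = reverse.get(packet[pos - 1])
        if ch is None:
            raise ValueError("value not in the map for this position")
        used.add(pos)
        if ch == STOP:
            break
        decoded.append(ch)
    else:
        raise ValueError("no stop character found")
    for pos in sheet["positions"]:               # fill positions authenticate the packet
        if pos not in used and packet[pos - 1] != sheet["fill"][pos]:
            raise ValueError("fill mismatch: wrong sheet or altered packet")
    return "".join(decoded)


if __name__ == "__main__":
    sender, receiver = make_pad_pair(n_sheets=2, n=500)
    packet = encrypt(sender, "1234567")          # constructed sample message
    print(decrypt(receiver, packet))
```

In this example a changed value at a fill position always fails the fill check, while a changed value at a message character's position that still maps to a numeral decodes without error. Integrity of the message itself therefore depends on an expected verification sequence inside the decoded packet, as paragraph [0048] describes.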

[0052] Referring to FIG. 6, an electronic checking environment in which secure encryption in accordance with a preferred embodiment of the present invention may be implemented is depicted. The electronic checking environment depicted includes a receiving device 602 located at the merchant's place of business which is connected to a server 604 located at the customer's bank. Receiving device 602 may be connected via communications link 606 to the Internet 608, which is in turn connected via communications link 610 to server 604, such that electronic checks are processed via the Internet. Alternatively, receiving device 602 may be directly connected to server 604 via communications link 612, which may provide dial-up access or the like.

[0053] An electronic checkbook 614 is capable of being selectively attached to receiving device 602. The term “electronic checkbook” is used herein to refer to a collection of fixed length randomly encoded data packets, regardless of the medium in which such packets are held, together with the instructions for encrypting. Similarly, the term “electronic check” is used herein to refer to a single fixed length randomly encoded data packet encrypted utilizing the corresponding sheet from a one-time pad. Each electronic check within an electronic checkbook is utilized only once.

[0054] The electronic checks generated by electronic checkbook 614 would contain, in an encrypted data packet, information such as the amount, the payee's account number, and the customer's signature. The signature may comprise a simple password, or may be a fingerprint, retina scan, or any other positive means of identification. The number of bytes required to encode a check's confidential information should be on the order of 100 bytes, although each electronic check may be on the order of a few hundred bytes with the unused bytes filled with additional characters as described above.

[0055] When an individual first becomes a customer of a bank, or reorders checks, the bank supplies the customer with electronic checkbook 614, with bank routing and account identification associated with the electronic checks. Electronic checkbook 614 may include a reorder form for automatic reorder when the number of remaining checks falls below a certain number. The customer may select a password or personal identification number (PIN), i.e., signature, to be associated with the electronic checks as is currently done for automated teller machine (ATM) access.

[0056] The collection of data packets comprising electronic checkbook 614 are contained within a suitable form of electronic memory encased in a hard case or other suitable durable means of protecting the memory. The electronic checkbook 614 may be a simple memory device such as a type of Personal Computer Memory Card International Association (PCMCIA) card capable of being inserted into receiving device 602. Receiving device 602 may thus be equipped with a keyboard and display (not shown) for user interaction and the capability of reading electronic checks from electronic checkbook 614, encrypting transaction information utilizing the associated sheet from a one time pad, and transmitting the encrypted data packet for the transaction while deleting the one-time pad sheet from any local or internal memory in receiving device 602. For additional security, the encryption could occur only within the PCMCIA card. However, this method allows for the possibility of the checkbook owner's password being compromised, which is not the preferred embodiment of the present invention.

[0057] Alternatively, in the preferred embodiment of the present invention, electronic checkbook 614 could be a relatively simple device allowing for write-only transmission of encrypted data packets. That is, no capability to read its contents would exist. A small keyboard, a small display, and a single port would be required, with electronic checkbook 614 inserted into receiving device 602 when preparing to write an electronic check. Receiving device 602 may be located at the merchant's place of business or be connected to a customer's computer for transactions over the Internet. The payee and the amount could be automatically provided by receiving device 602, with the customer entering a password and pressing a write button when the correct payee and amount are displayed. The electronic check would then be written to receiving device 602, which would transmit the electronic check to server 604 for processing.

[0058] As still another alternative, electronic checkbook 614 may be downloaded into a device possessed by the customer, such as a personal digital assistant (PDA). Electronic checkbook 614 could be downloaded to the customer's PDA at the time the account is opened, with checks replenished without human interaction at ATM's modified to include a port for this purpose. Therefore, check replenishment would be readily available 24 hours a day.

[0059] Server 604 located at the customer's bank is connected to a storage device 616 containing the other copy of the one-time pad utilized to encrypt the confidential information within the electronic check and an authorized check list associating electronic checks with sheets of the one-time pad. The electronic checking environment may also include a second server 618 located at the payee's bank connected to Internet 608 by communications link 620, and a third server 622 located at a clearinghouse connected to Internet 608 via communications link 624. In this manner, the electronic checks may be passed among all entities concerned via Internet 608 without generating any paper.

[0060] By encrypting the electronic checks using a one-time pad in accordance with the present invention, the plain text of at least a portion of the encrypted message—such as the amount, the payee, etc.—may accompany the encrypted electronic check and the encrypted data would still be invulnerable to cryptographic attack. Knowledge of a portion of the message encrypted, even if accompanied by knowledge of the ordering of these portions within the source message, is of no benefit in attempting to break the encrypted message. Thus, authentication and verification codes required to validate the electronic check would remain encrypted in an unbreakable manner.

[0061] An additional level of security may be introduced by varying the starting location used for the position string between electronic checkbooks (i.e., starting with the seventh random number in the string in one electronic checkbook while starting with the thirty-first random number in a different electronic checkbook). The responsibility for generating the random numbers for the one-time pad may thus be separated from the responsibility for selecting a starting location within the position string and arrays to be employed by a particular one-time pad, increasing the difficulty of employee theft of the information. An electronic checkbook may be manufactured and filled with one-time sheets by one entity, and programmed with a randomly selected starting location within the position string by a different entity.

[0062] With reference now to FIG. 7, a data flow diagram for a process of utilizing electronic checks in accordance with a preferred embodiment of the present invention is depicted. The merchant or payee supplies the merchant's account identification and an amount to the payor through a receiving device. The electronic check, an encrypted data packet such as described above, is generated by the customer or payor 702 and transmitted to the merchant or payee 704. Merchant 704 appends the merchant's bank routing and account identification numbers to the electronic check, then routes the electronic check to both the payor's bank 706 and the merchant's or payee's own bank 708.

[0063] Payor's bank 706 is the only place where the electronic check can be decoded. When payor's bank 706 receives the electronic check, payor's bank 706 decodes the electronic check, verifies and authenticates the check, checks the balance of the payor's account, freezes the amount indicated in the electronic check within the payor's account, and electronically forwards the electronic check, with the appended payee account information, to clearinghouse 710 together with a coded authorization for payment of the indicated amount to the payee.

[0064] At the same time, when payee's bank 708 receives the check, payee's bank 708 marks the payee's account as pending receipt of a deposit and forwards the check to clearinghouse 710. Clearinghouse 710 compares the two (encrypted) electronic checks received from payor's bank 706 and payee's bank 708. If they match, clearinghouse subtracts the indicated amount from the clearing account of payor's bank 706, adds the indicated amount to the clearing account of payee's bank 708, notifies payor's bank 706 that the electronic check has been settled, and notifies payee's bank 708 that the electronic check has been settled with the indicated amount placed in the clearing account of payee's bank 708.

[0065] On receipt of the notice from clearinghouse 710, payor's bank 706 subtracts the indicated amount from the payor's account, removes the electronic check from the payor's authorized check list, and notifies the payor 702 that the check has been settled. The payor's electronic checkbook may then remove the used electronic check from the set of available electronic checks. Meanwhile, on receipt of the notice from clearinghouse 710, payee's bank 708 adjusts the payee's account by the indicated amount and notifies payee 704 that the check has been settled.

[0066] At this point, the transaction is complete. The elapsed time for the transaction could be very short. Bottlenecks will occur primarily from limited bandwidth at the retail counter and within the Internet. Bandwidth problems at the retail counter may be alleviated by using parallel receiving devices.

[0067] Use of electronic checks over the Internet, directly from a customer's home, would operate in a similar fashion. However, the customer must send a copy of the electronic check to the merchant. Moreover, a number of additional features could be added to the electronic checking system, such as the ability to directly deposit electronic checks to and/or through the customer's electronic checkbook.

[0068] The electronic checking environment of the present invention would allow the current, paper-based checking system to be electronically emulated, while providing greater security than that available in the current paper process. The ease of understanding and heightened security will facilitate earlier and faster adoption of electronic checking. The current clearinghouse function will persist in an electronic form, and current banking laws, regulations, and procedures may be applied. The present invention also allows paper checks and electronic checks to coexist during a transition period to pure (or majority) electronic banking.

[0069] Referring to FIG. 8, a block diagram of a cellular communications global transponder in which a preferred embodiment of the present invention may be implemented is illustrated. Global transponder 802 is a device which automatically returns a data packet containing the latitude and longitude of the location of global transponder 802 in response to receiving a cellular telephone call. The data packets may be transmitted over non-secure, commercial cellular phone circuits such as those provided by the Iridium Project, which provides global cellular communications to and from any spot on earth.

[0070] Global transponder 802 includes processor 804 connected to memory 806. The connection may be in the form of a system bus 808, which is also connected to an external port 810 for programming or communication with other devices. Processor 804 is also connected to cellular modem 812, which is connected in turn to antenna 814. Processor 804 and antenna 814 are also both connected to global positioning system (GPS) chip set 816. Such GPS chip sets are available from a number of commercial sources. GPS chip-set 816 preferably returns GPS fix data in the NMEA-0183 ASCII RS232 format. Sensors 818 and switches 820 connected to processor 804 provide sources of data and control, respectively, for global transponder 802.

[0071] Global transponder 802 automatically returns a data packet in response to a cellular phone call from a central computer (not shown). The content of the data packet that is returned varies depending on the content of the request packet originating from the central computer. In general, the data packet returned will include GPS latitude and longitude information, and may also include sensor data and/or information regarding the object to which global transponder 802 is attached.

[0072] When a cellular phone call is received, modem 812 automatically answers and receives the request packet, transmitting the request packet to processor 804. Processor 804 examines the request packet and determines what response packet should be sent. GPS fix data from GPS chip set 816 is stored in memory 806, as is data from sensors 818. Processor 804 extracts the appropriate information from memory 806 for the response packet, forwarding the response packet to modem 812 for transmission. Although the latitude and longitude may be transmitted in approximately 20 digits, the data packets returned may be any fixed length. The data packets could easily be a few hundred bytes long and still be transmitted, in burst mode, in a very short time interval (on the order of one second).

[0073] There are times when the data packets returned by global transponder 802 must be protected, as in the case of a downed military pilot. Therefore, the one-time pad of the present invention may be employed to encrypt the data packet. A portion of memory 806 may be a microchip containing the one-time pad. When the latitude/longitude of global transponder 802 is required, the central computer dials the cellular phone number of global transponder 802 and transmits a request comprised of a previously determined pattern of random characters. Processor 804 compares the pattern in the request packet to patterns associated with valid sheets of the one-time pad, copies of which are only in global transponder 802 and the central computer.

[0074] If processor 804 fails to identify a match with patterns associated with the one-time pad, then global transponder 802 simply terminates the cellular telephone connection without returning a data packet. Global transponder 802 may also record the date and time of the attempted contact. On the other hand, if a match to the pattern in the request packet is determined, processor 804 generates a data packet containing the latitude and longitude encrypted using the sheet of the one-time pad which is associated with the pattern from the request packet. This data packet is then returned to the requesting entity (i.e., the central computer).

[0075] Upon receiving the encrypted data packet, the central computer validates the packet by comparing bytes not containing latitude/longitude information with bytes expected to be returned in response to the request packet. If the packet is valid, the central computer extracts and decodes the encrypted latitude and longitude information.
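The request handling of paragraphs [0073] to [0075], sketched as an added example that is not code from the patent. The packet length, pattern length, per-sheet slot layout and all names are assumptions, and the encrypted latitude/longitude bytes are taken as opaque input.

```python
import copy
import hmac
import secrets
from datetime import datetime, timezone

PACKET_LEN = 32      # fixed response length (assumed value)
PATTERN_LEN = 16     # request pattern length (assumed value)


def make_pad(num_sheets, data_len):
    """Build the pad and return two copies: one for the transponder, one for the central computer."""
    pad = []
    for _ in range(num_sheets):
        slots = list(range(PACKET_LEN))
        secrets.SystemRandom().shuffle(slots)
        pad.append({
            "pattern": secrets.token_bytes(PATTERN_LEN),   # request that selects this sheet
            "data_slots": slots[:data_len],                # where encrypted lat/long bytes go
            "filler": secrets.token_bytes(PACKET_LEN),     # expected bytes for every other slot
            "valid": True,
        })
    return pad, copy.deepcopy(pad)


class Transponder:
    def __init__(self, pad):
        self.pad = pad
        self.rejected = []      # date and time of each failed contact ([0074])

    def handle_call(self, request, encrypted_fix):
        """Return a response packet, or None to hang up without returning data."""
        match = None
        for sheet in self.pad:
            # Constant-time comparison against every sheet, so response timing does
            # not reveal how close a guessed pattern was or which sheet it hit.
            if hmac.compare_digest(sheet["pattern"], request) and sheet["valid"]:
                match = sheet
        if match is None:
            self.rejected.append(datetime.now(timezone.utc))
            return None
        if len(encrypted_fix) != len(match["data_slots"]):
            raise ValueError("encrypted fix does not fit the sheet's data slots")
        match["valid"] = False  # sheets are used once: a replayed request gets silence
        packet = bytearray(match["filler"])
        for slot, byte in zip(match["data_slots"], encrypted_fix):
            packet[slot] = byte
        return bytes(packet)


def central_validate(sheet, packet):
    """Central computer ([0075]): check the non-data bytes, then extract the data bytes."""
    if len(packet) != PACKET_LEN:
        return None
    data = set(sheet["data_slots"])
    expected = bytes(b for i, b in enumerate(sheet["filler"]) if i not in data)
    received = bytes(b for i, b in enumerate(packet) if i not in data)
    if not hmac.compare_digest(expected, received):
        return None
    return bytes(packet[i] for i in sheet["data_slots"])
```

The bytes returned by `central_validate` are still encrypted; decoding them with the sheet is a separate step.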

[0076] In order to prevent jamming by repeatedly calling the phone number utilized by global transponder 802, it may be desirable to associate a unique phone number with each sheet in the one-time pad. Thus, global transponder 802 would respond to any of the phone numbers associated with sheets in its one-time pad. In addition, for military applications, buttons may be added to allow a downed pilot to indicate his/her physical condition, the state of enemy activity, and whether his/her capture is imminent. The sensors might be used to transmit the pilot's vital signs, such as heart rate. Additionally, functionality may be added to allow the pilot to transmit the information without waiting for an incoming cellular phone call, or to indicate whether the device had fallen into enemy hands.

[0077] Since the one-time pad and the cellular phone numbers are hard-coded into memory 806 of global transponder 802, this information cannot be leaked and reverse engineering would not yield any substantive information. The use of commercial connections reduces the cost while providing, with encryption, the same or a better level of security. Fly-overs would not be required since the pilot's exact location could be identified, reducing the potential for conflict or compromise of the pilot's location.

[0078] With reference now to FIG. 9, an Internet sales environment in which a preferred embodiment of the present invention may be implemented is depicted. The Internet sales environment includes a user unit 902 connected to the Internet 904 by communications link 906, which may for example be access through an Internet service provider (ISP). A server 908, which may be a HyperText Transmission Protocol (HTTP) server, is located at the vendor's facilities and is also connected to Internet 904 via communications link 910. User unit 902 may include a browser, an application designed to submit HTTP requests and display information formatted in the HyperText Markup Language (HTML). Thus, transactions in the Internet sales environment depicted may be conducted over the World Wide Web (WWW).

[0079] The vendor may provide a one-time pad to potential customers. For example, a company selling software may provide a one-time pad to a customer setting up an account to order upgrades or new products over the Internet. Alternatively, the user's credit card company may provide a one-time pad for use in conducting transactions over the Internet. Sales orders transmitted over the Internet 904, or at least confidential information within sales orders, are encrypted by user unit 902, and are either decoded by the vendor, if the one-time pad originated from the vendor, or forwarded by the vendor to the credit card company for decoding and payment authorization.

[0080] Alternatively, the one-time pad may be employed in client-server environments for authentication and verification purposes. In this alternative, a vendor might be able to deliver software customized for a particular environment after receipt of a data packet encrypted using a one-time pad previously sold to the customer.

[0081] It is important to note that while the present invention has been described in the context of fully functional systems, those skilled in the art will appreciate that the mechanism of the present invention is capable of being distributed in the form of a computer readable medium of instructions in a variety of forms, and that the present invention applies equally regardless of the particular type of signal bearing media used to actually carry out the distribution. Examples of computer readable media include: recordable type media such as floppy disks and CD-ROMs and transmission type media such as digital and analog communication links.

[0082] While the invention has been particularly shown and described with reference to a preferred embodiment, it will be understood by those skilled in the art that various changes in form and detail may be made therein without departing from the spirit and scope of the invention.

What is claimed is:
 1. A method of encrypting data packets, comprising: selecting a byte within a source data packet; randomly selecting an available position within an encrypted data packet in which to place an encrypted byte corresponding to said selected byte of said source data packet; encrypting said selected byte using a random number to generate said encrypted byte; and placing said encrypted byte in said selected position within said encrypted data packet, wherein said selected byte of said source data packet is encrypted in an unconditionally secure manner.
 2. The method of claim 1, further comprising: repeating said steps of selecting a byte, randomly selecting an available position, encrypting said selected byte, and placing said encrypted byte in said selected position for each byte within said source data packet.
 3. The method of claim 2, further comprising: after encrypting all bytes of said source data packet, filling remaining positions within said encrypted data packet with random numbers.
 4. The method of claim 2, further comprising: after encrypting all bytes of said source data packet, encrypting authentication data; and placing bytes of said encrypted authentication data in remaining positions within said encrypted data packet.
 5. A one-time pad, comprising: a memory device; a nonrepeating, randomly ordered sequence of N numbers within the range of 1 to N within the memory device; and a plurality of arrays of random numbers within said memory device, each array within said plurality of arrays associated with a number within said sequence of numbers.
 6. The one-time pad of claim 5, wherein each array within the plurality of arrays comprises a character map.
 7. The one-time pad of claim 5, wherein said sequence and said plurality of arrays comprise a sheet.
 8. The one-time pad of claim 5, further comprising: a counter within said memory device, said counter pointing to a sheet within a plurality of sheets within said one-time pad.
 9. An electronic checkbook, comprising: a memory containing a plurality of encryption sheets, each encryption sheet within the plurality of encryption sheets including: a string of N numbers within the range of 1 to N arranged in a nonrepeating, randomly ordered sequence; and a plurality of random number arrays, each array within said plurality of arrays associated with a different number within said string of numbers; and a plurality of identifiers associating each encryption sheet within the plurality of encryption sheets with an electronic check.
 10. The electronic checkbook of claim 9, wherein each encryption sheet and said associated identifier comprises an unused electronic check.
 11. The electronic checkbook of claim 9, wherein said electronic check comprises information encrypted using an encryption sheet within said plurality of encryption sheets.
 12. The electronic checkbook of claim 11, wherein said electronic check further comprises: a plurality of encrypted bytes generated from a plurality of source bytes, wherein each encrypted byte is placed in a position within said plurality of encrypted bytes identified by a position number located within said string at a location corresponding to a location within said plurality of source bytes containing a source byte utilized to generate said encrypted byte, and wherein each encrypted byte comprises a random number corresponding, within an array associated with said position number, to said source byte.
 13. The electronic checkbook of claim 12, wherein said electronic check further comprises: authentication data encrypted with said plurality of encrypted bytes.
 14. The electronic checkbook of claim 9, wherein said electronic checkbook further comprises: a port for connection to a receiving device.
 15. A method of processing an electronic check, comprising: receiving an electronic check encrypted using a one-time pad at a business; transmitting a first copy of said electronic check to a payor's bank and a second copy of said electronic check to a payee's bank; and decoding said first copy of said electronic check at said payor's bank using a copy of said one-time pad.
 16. The method of claim 15, further comprising: authenticating said electronic check; and transmitting said first copy of said electronic check to a clearinghouse with a payment authorization.
 17. The method of claim 16, further comprising: transmitting said second copy of said electronic check to said clearinghouse; comparing said first copy of said electronic check to said second copy of said electronic check; and responsive to determining that said first copy of said electronic check matches said second copy of said electronic check, processing a transaction transferring funds from said payor's bank to said payee's bank.
 18. A method of securing transmission of a global transponder location, comprising: receiving a request packet via a cellular communications link to said global transponder; encrypting a data packet containing a latitude and a longitude for a location of said global transponder using a one-time pad containing within said global transponder; and transmitting said encrypted data packet to a central computer over said cellular communications link.
 19. The method of claim 18, wherein said step of encrypting a data packet further comprises: locating an identifier within said request packet; comparing said identifier to a plurality of identifiers in said global transponder, wherein identifier within said plurality of identifiers is associated with a sheet within said one-time pad; responsive to determining that said identifier within said request packet does not match any identifier within said plurality of identifiers, terminating said cellular communications link; and responsive to determining that said identifier within said request packet matches an identifier within said plurality of identifiers, encrypting said data packet using a sheet within said one-time pad associated with said matching identifier.
 20. A global transponder, comprising: a processor connected to a memory containing a one-time pad; a cellular modem connected to said processor and an antenna; a GPS chip set connected to said processor and said antenna, said GPS chip set providing GPS fix data to said processor, wherein said processor, responsive to receiving a call through said cellular modem, encrypts said GPS fix data using said one-time pad for transmission via said cellular modem.
 21. A method of encrypting data packets using a one-time pad, comprising: selecting a character within a source data packet; reading a position number within a randomly ordered, nonrepeating sequence of N numbers within the range of 1 to N, wherein said position number is at a location within said sequence corresponding to a location of said selected character within said source data packet; reading a random number within a nonrepeating array of random numbers associated with said position number, wherein said random number corresponds within said array to said selected character; and placing said random number in a position within an encrypted data packet corresponding to said position number.
 22. The method of claim 21, further comprising: repeating said steps of selecting a character, reading a position number, reading a random number corresponding to said selected character, and placing said random number in a position corresponding to said position number for each character within said source data packet to encrypt said source data packet.
 23. The method of claim 22, further comprising: after encrypting said source data packet, encrypting an authentication code; and placing the encrypted authentication code within said encrypted data packet.
 24. The method of claim 22, further comprising: after encrypting said source data packet, encrypting a stop code; and placing the encrypted stop code within said encrypted data packet.
 25. A method of decoding data packets encrypted using a one-time pad, comprising: reading a position number within a randomly ordered, nonrepeating sequence of N numbers within the range of 1 to N; reading a random number located within an encrypted data packet at a position corresponding to said position number; determining a character corresponding to said random number within a nonrepeating array of random numbers associated with said position number; and placing said character in a next available position within a decoded data packet.
 26. The method of claim 25, further comprising: repeating said steps of reading a position number, reading a random number, determining a character corresponding to said random number, and placing said character in a next available position for each character in said decoded data packet.
 27. The method of claim 26, further comprising: detecting a stop code encrypted in said encrypted data packet.
 28. The method of claim 26, further comprising: decoding an authentication code encrypted in said encrypted data packet.
 29. A computer program product for use with a data processing system, comprising: a computer usable medium; first instructions on said computer usable medium for selecting a character within a source data packet; second instructions on said computer usable medium for reading a position number within a randomly ordered, nonrepeating sequence of N numbers within the range of 1 to N, wherein said position number is at a location within said sequence corresponding to a location of said selected character within said source data packet; third instructions on said computer usable medium for reading a random number within a nonrepeating array of random numbers associated with said position number, wherein said random number corresponds within said array to said selected character; and fourth instructions on said computer usable medium for placing said random number in a position within an encrypted data packet corresponding to said position number.
 30. A computer program product for use with a data processing system, comprising: a computer usable medium; first instructions on said computer usable medium for reading a position number within a randomly ordered, nonrepeating sequence of N numbers within the range of 1 to N; second instructions on said computer usable medium for reading a random number located within an encrypted data packet at a position corresponding to said position number; third instructions on said computer usable medium for determining a character corresponding to said random number within a nonrepeating array of random numbers associated with said position number; and fourth instructions on said computer usable medium for placing said character in a next available position within a decoded data packet.
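The encoding of claims 21 to 24 and the decoding of claims 25 to 27, with the random fill of claim 3, as an added example that is not code from the patent. The alphabet, the stop-code symbol, the function names and the use of the operating system's CSPRNG in place of a pure random source are assumptions.

```python
import copy
import secrets

_rng = secrets.SystemRandom()   # assumption: OS CSPRNG stands in for a "pure random" source
STOP = "\x00"                   # stop-code symbol (assumed; the page does not fix one)
ALPHABET = "0123456789.,-+NSEW " + STOP   # constructed alphabet for a lat/long packet


def issue_sheet_pair(n):
    """One sheet (claims 5-7) in two copies: one for the sender, one retained by the receiver."""
    positions = list(range(1, n + 1))
    _rng.shuffle(positions)     # nonrepeating, randomly ordered sequence over 1..n
    # One character map per position: each symbol gets a distinct random byte value.
    maps = {p: dict(zip(ALPHABET, _rng.sample(range(256), len(ALPHABET))))
            for p in positions}
    sheet = {"positions": positions, "maps": maps, "used": False}
    return sheet, copy.deepcopy(sheet)


def encrypt(sheet, text):
    """The i-th source character goes to slot positions[i], encoded by that slot's map."""
    if sheet["used"]:
        raise ValueError("sheet already used; a one-time sheet must never be reused")
    if any(ch == STOP or ch not in ALPHABET for ch in text):
        raise ValueError("character outside the sheet's alphabet")
    n = len(sheet["positions"])
    if len(text) + 1 > n:
        raise ValueError("source packet plus stop code does not fit in the sheet")
    packet = [None] * n
    for i, ch in enumerate(text + STOP):
        p = sheet["positions"][i]
        packet[p - 1] = sheet["maps"][p][ch]
    # Claim 3: every remaining slot is filled with a random number.
    packet = [secrets.randbelow(256) if b is None else b for b in packet]
    sheet["used"] = True
    return bytes(packet)


def decrypt(sheet, packet):
    """Walk the position string, invert each slot's map, and stop at the stop code."""
    if len(packet) != len(sheet["positions"]):
        raise ValueError("packet length does not match the sheet")
    out = []
    for p in sheet["positions"]:
        inverse = {v: k for k, v in sheet["maps"][p].items()}
        ch = inverse.get(packet[p - 1])
        if ch is None:
            raise ValueError("slot %d holds a value outside its character map" % p)
        if ch == STOP:
            return "".join(out)
        out.append(ch)
    raise ValueError("no stop code found")
```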